KeyChest Blog

Who Left the Gate Open for a Cyberattack?

Feb 25, 2020 8:20:22 PM / by Dan posted in security, risk management

0 Comments

If you make an internet call from Sydney to Texas, a technology called Border Gateway Protocol, or BGP for short, will ensure that your computer will find your friend in Texas. Just like people have to go through a border gate (or customs if you are at the airport) to enter another country, internet users have to go through a gate to access anything on the internet in another country. Internet users have unknowingly used BGP for over 30 years. The problem is that this old technology leaves the border gate wide open for a special kind of cyberattack.

Read More

Microsoft HTTPS and DNS Hijacking = Big Mess

Feb 19, 2020 9:37:53 PM / by Dan posted in certificate, risk management

0 Comments

Two stories in as many weeks have flushed out some of the management problems Microsoft has with the management of its vast IT inventory - DNS and SSL.

Read More

What are the impacts of cryptography in IT?

May 19, 2019 9:18:49 PM / by Dan posted in security, quora, risk management

0 Comments

Let me assume your question is about the impact on IT users. If you want to think about cryptography as a mechanism to achieve a business / user value, you can see it as a means to extend “trusted environment”.

Read More

Are passwords really more secure if they must be so complex that I can't remember them and write them down?

May 19, 2019 9:15:37 PM / by Dan posted in security, quora, password, risk management

0 Comments

Let me start with a question - why do banks believe that 4 digit PIN on your credit card is secure when a random guess have a chance of 1 in 10,000 to be correct. Does 3496 sound that much more secure than “password123” ?

Read More

KeyChest instant audits

Sep 2, 2017 11:08:00 PM / by Dan posted in security, keychest, risk management

0 Comments

What is KeyChest and its spot check good for?

You may ask why you need another tool, when there's SSL Labs auditing tool, which tells you all you need about the security of your website. The answer is simple,  KeyChest is much more about keeping your servers available than secure. You can only do a thorough security audit on servers, which have been configured and use the certificate you want.

KeyChest.net is about keeping your business up and running. It may be prudent to reach A+ rating at SSL Labs in April, but it doesn't help if your customers can't access your online store in July.

KeyChest gives you all the information you need to keep your servers' SSL certificates up to date. It allows you to plan certificate renewals and tells you when something broke and needs a closer look. This protects you from downtimes as you can plan certificate renewals with enough to resolve any potential problems. Spot checks of KeyChest also help you set up your servers so that your users, customers, and clients can use them and connect to them reliably as we detect issues that may cause random unexpected problems to access your web services.

KeyChest features a powerful Dashboard with details of all your certificates in one place. Dashboard tables list relevant issues, from DNS lookup errors, incomplete trust chains, or certificate expiration dates.

If you just want to keep an eye on your administrators, KeyChest will send you a brief email with all the important metrics.

We also want to show you who issued your certificate and how to save money on the next one. Make you aware of any new certificates issued for any of your servers. One of the main extensions would be integration of reminders into your calendar.

The biggest problem of the security of your servers is that you need to create a new key and certificate. It can be every three months, or once in 2-3 years. The harsh reality is that if you don't do it, your online business will simply grind to halt.

Read More